Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

9.8

CRITICAL

CVE-2016-2024

HPE Insight Control before 7.5.1 allow remote attackers to obtain sensitive information, modify data, or cause a denial of service via unspecified vectors....

Affected Products : insight_contol server_migration_package
EPSS Score: %2.16

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
8.1

HIGH

CVE-2016-2022

HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and CVE-201...

Affected Products : systems_insight_manager matrix_operating_environment
EPSS Score: %0.24

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
8.1

HIGH

CVE-2016-2021

HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2022, and CVE-201...

Affected Products : systems_insight_manager matrix_operating_environment
EPSS Score: %0.28

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
8.5

HIGH

CVE-2016-2020

HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2021, CVE-2016-2022, and CVE-201...

Affected Products : systems_insight_manager matrix_operating_environment
EPSS Score: %0.25

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
8.1

HIGH

CVE-2016-2019

HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and CVE-201...

Affected Products : systems_insight_manager matrix_operating_environment
EPSS Score: %0.28

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
9.1

CRITICAL

CVE-2016-2018

HPE Systems Insight Manager (SIM) before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors....

Affected Products : systems_insight_manager matrix_operating_environment
EPSS Score: %1.50

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
8.1

HIGH

CVE-2016-2017

HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and CVE-201...

Affected Products : systems_insight_manager matrix_operating_environment
EPSS Score: %0.71

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
7.8

HIGH

CVE-2016-1418

Cisco Aironet Access Point Software 8.2(100.0) on 1830e, 1830i, 1850e, 1850i, 2800, and 3800 access points allows local users to obtain Linux root access via crafted CLI command parameters, aka Bug ID CSCuy64037....

Affected Products : aironet_access_point_software aironet_access_point_software aironet_access_point_software_ aironet_1830e aironet_1830i aironet_1850e aironet_1850i aironet_2800 aironet_3800
EPSS Score: %0.31

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2016-1405

libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote att...

Affected Products : clamav web_security_appliance email_security_appliance
EPSS Score: %2.31

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
7.3

HIGH

CVE-2015-8800

Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Se...

Affected Products : symantec_critical_system_protection symantec_data_center_security_server symantec_data_center_security_server_and_agents symantec_embedded_security_critical_system_protection symantec_embedded_security_critical_system_protection_for_controllers_and_devices
EPSS Score: %0.40

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
7.6

HIGH

CVE-2015-8799

Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Crit...

Affected Products : symantec_critical_system_protection symantec_data_center_security_server symantec_data_center_security_server_and_agents symantec_embedded_security_critical_system_protection symantec_embedded_security_critical_system_protection_for_controllers_and_devices
EPSS Score: %1.62

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
8.0

HIGH

CVE-2015-8798

Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Crit...

Affected Products : symantec_critical_system_protection symantec_data_center_security_server symantec_data_center_security_server_and_agents symantec_embedded_security_critical_system_protection symantec_embedded_security_critical_system_protection_for_controllers_and_devices
EPSS Score: %1.55

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
8.8

HIGH

CVE-2015-8157

SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical S...

Affected Products : symantec_critical_system_protection symantec_data_center_security_server symantec_data_center_security_server_and_agents symantec_embedded_security_critical_system_protection symantec_embedded_security_critical_system_protection_for_controllers_and_devices
EPSS Score: %0.40

Published: Jun. 08, 2016

Modified: Apr. 12, 2025
7.5

HIGH

CVE-2016-4545

Virtual servers in F5 BIG-IP 11.5.4, when SSL profiles are enabled, allow remote attackers to cause a denial of service (resource consumption and Traffic Management Microkernel restart) via an SSL alert during the handshake....

Affected Products : big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_global_traffic_manager big-ip_link_controller big-ip_local_traffic_manager big-ip_policy_enforcement_manager
EPSS Score: %1.72

Published: Jun. 07, 2016

Modified: Apr. 12, 2025
5.3

MEDIUM

CVE-2016-3093

Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method references when used with OGNL before 3.0.12, which allows remote attackers to cause a denial of service (block access to a web site) via unspecified vectors....

Affected Products : struts ognl
EPSS Score: %4.65

Published: Jun. 07, 2016

Modified: Apr. 12, 2025
9.8

CRITICAL

CVE-2016-3087

Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin....

Affected Products : struts
EPSS Score: %86.54

Published: Jun. 07, 2016

Modified: Apr. 12, 2025
8.8

HIGH

CVE-2016-3072

Multiple SQL injection vulnerabilities in the scoped_search function in app/controllers/katello/api/v2/api_controller.rb in Katello allow remote authenticated users to execute arbitrary SQL commands via the (1) sort_by or (2) sort_order parameter....

Affected Products : enterprise_linux satellite subscription_asset_manager katello
EPSS Score: %0.86

Published: Jun. 07, 2016

Modified: Apr. 12, 2025
5.9

MEDIUM

CVE-2013-7440

The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate....

Affected Products : python
EPSS Score: %0.38

Published: Jun. 07, 2016

Modified: Apr. 12, 2025
5.6

MEDIUM

CVE-2016-5242

The p2m_teardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (NULL pointer dereference and host OS crash) by creating concurrent domains and holding refere...

Affected Products : xen
EPSS Score: %0.06

Published: Jun. 07, 2016

Modified: Apr. 12, 2025
4.7

MEDIUM

CVE-2016-4963

The libxl device-handling in Xen through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore....

Affected Products : xen
EPSS Score: %0.05

Published: Jun. 07, 2016

Modified: Apr. 12, 2025

Showing 20 of 291617 Results

Latest CVE Feed

9.8

8.1

8.1

8.5

8.1

9.1

8.1

7.8

7.5

7.3

7.6

8.0

8.8

7.5

5.3

9.8

8.8

5.9

5.6

4.7

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable